A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predefined security rules. It is the primary control for preventing unauthorized external access to an organization's network, making it the best answer.
Explanation of Each Option:
A. Firewall (Correct Answer) – Firewalls prevent unauthorized access by filtering traffic, blocking malicious connections, and securing the network perimeter.
B. Encryption – While encryption protects data confidentiality, it does not actively prevent unauthorized access to a network.
C. Antivirus – Antivirus software protects against malware and viruses but does not prevent unauthorized network access.
D. Biometrics – Biometrics controls physical or logical access (e.g., fingerprint authentication) but does not secure a network from external threats.
IIA References:
IIA GTAG 15 – Information Security Governance highlights firewalls as a critical security control for network protection.
IIA IPPF Standard 2110 – Governance emphasizes the need for network security policies that include firewalls.
NIST SP 800-41 Rev. 1 – Guidelines on Firewalls and Firewall Policy states that firewalls are the first line of defense in securing organizational networks.